Photo by Magda Ehlers from Pexels
Sponsored content from Broadcom
Jigsaw puzzles come in many shapes, sizes, and complexities, but they all are completed in a similar way — viewing the end goal, determining a strategy, and implementing piece by piece. Similarly, IT environments come in varied architectures, sizes, and complexities, and may seem just as daunting as the most complex jigsaw puzzle at first glance. Does anyone in an organization really understand how all the pieces of security puzzle fit together? Not an understanding of general security models implemented, but how all the pieces of the entire enterprise jigsaw puzzle of security fit together? Is there a picture that shows you what it is supposed to look like when finished?
IT operation models, architecture models, platforms, hardware, software, employees, and outsourcers all come together to form the full picture for effective security. And, while we can probably never get to zero risk, we can implement a Zero Trust model to enable a layered series of controls, giving us peace of mind amidst the complexities of the environment. The Zero Trust model enables us to manage all the pieces of the puzzle with the least amount of risk, and it is imperative in today’s IT environments.
A Model Designed to Calm the Storm
The Zero Trust security model can give us peace of mind even if we are not aware of every piece in our IT environment. At its most basic — never trust, always verify — the model says that we should prepare our environments assuming we will be breached. By making this assumption, we are proactive, similar to the way many people proactively and incrementally safeguard their homes before going on vacation.
Prior to departure for vacation, people will lock up their valuables, stop the newspaper and other mail, automate lights, alert neighbors, and lock doors. All of these are mitigation efforts to discourage a burglar from targeting the home and to reduce the damage should they fail despite security measures. Just as with a home, we can do the same with our IT environments.
The model also drives the principle that trust is not automatic and trust is not assumed; trust is gained at the entry point and reevaluated at each step on every journey. Resources are doled out in a granular fashion and only to those authorized. The trust level is commensurate with the task and not granted in excess. A Zero Trust model gives layers of protection and constantly verifies and validates. In total, it gives reassurance of security within the most complex of IT environments.
Where Can Zero Trust Help?
An all-or-nothing approach to implementing a new security model today is not an option. Security models and infrastructure are years in the making or, for the mainframe, decades in the making! Starting over by resetting every security control just isn’t an option our businesses can entertain. But, we don’t need to start from scratch to create a Zero Trust model to lower our risk. More assuring, it is not necessary to conduct a massive evaluation and make changes to Identity and Access Management (IAM) content. Instead, it is perfectly acceptable to augment existing IAM defenses with additional layers to provide a Zero Trust-compliant model. As always, “rings of security” and layered defenses are important in security architecture and the same works for implementation of Zero Trust.
Advanced authentication at boundary or entry points and contextual, granular, just-in-time authorization drive layered security checks in a series. Zero Trust is simply implemented with a combination of additional tools, and by following best practices with existing tools. From Multi-Factor Authentication, often easily or already adapted to existing architectures, to practices such as more granular controls, separation of duties and stringent adherence to least access privilege standards can all lead to a model of access driven by the goals of Zero Trust.
Analysis of a few well-known data breaches can illustrate where implementation of the Zero Trust model may have reduced the success and impact of the breach, perhaps resulting in the hackers abandoning their efforts:
1. In March 2020, Marriott disclosed that credentials from two employees were used to access a large amount of guest information. A Zero Trust model could have reduced risk by:
a. Requiring Multi-Factor to deepen the trust in the identity of the individual. Credential compromise is much more difficult when additional factors are required.
b. Using views or stored procedures to restrict access to data and allow data access commensurate with the need to know and validating business justification for access.
c. Continuous monitoring to alert on the egress of classified data, abnormal behavior from otherwise steadfast employees accounts.
2. The credit union, Desjardins Group, suffered an attack from a malicious insider. Under the Zero Trust model, where a breach is assumed from internal or external sources, additional preventive or deterrent controls could have been implemented:
a. Granular business justified access. Over 17 people were questioned with involvement in this incident. That large number of potential attackers suggests that need-to-know, granular access, and business-justified access may not have been followed as rigidly as possible in this case.
b. Physical and/or data segregation was not followed. This would have allowed for granular access controls and required a business need to gain access to data stores containing personal information.
The illustrations above describe incremental changes that, when added to a layered series of security controls would have reduced the risk and painted a richer enterprise security picture. Incremental changes are manageable and often simpler. It’s just a matter of committing to and implementing the next step in completing the puzzle.
Using Incremental Steps to Grow Your Achievement of Zero Trust
Many Zero Trust efforts focus on specific challenges, such as controlling access to cloud resources. But, security objectives are rarely achieved by a single-point fix or even a tool deployment. Zero Trust isn’t a part number, but an approach and way of thinking. While ignoring some platforms, or focusing only on specific business units might lead to quickly achieving a “check box” result for the Security and IT teams, it often does little to deliver on actual improvement in security posture. This consistently applies to mainframe where there is a common belief that it is secure, simply because it is a mainframe. However, just as with any platform, the mainframe too is only as secure as the people and policies make it. Much new thinking in security has led to changes in policies, procedures, and practices across many platforms, but often, the mainframe does not participate in these new practices, despite the critical nature of the platform in running most businesses.
Broadcom will continue with a series of posts, videos, how-to content, and more on its Zero Trust web page discussing Zero Trust on the mainframe. The goal is to provide pragmatic practices that can be adopted by any mainframe team, allowing them to leverage the benefits of Zero Trust sweeping the security community.
Admittedly, enterprise IT environments are large and complex. This applies to the mainframe as well, but don’t be overwhelmed. In future content, we will discuss how to implement a Zero Trust model with the mainframe in mind. Note: This won’t be and can’t be exclusive to the mainframe, as it is part of a larger hybrid environment delivering applications that span cloud, on-prem, and mainframe assets to deliver value to customers. But, it is time that mainframe adopted critical security models such as Zero Trust. In order to do so, we will approach the topic in several segments:
- What makes the Zero Trust model difficult to implement in the mainframe environment?
- How to adopt Zero Trust on the mainframe?
- Developing deeper trust in the identity of those accessing the mainframe
- Authentication verification
- Who and what are privileged accounts on the mainframe?
- Where does continuous monitoring factor into Zero Trust?
- Zero Trust and hybrid IT
In summary, the bad news is that we need to assume and prepare for the worst-case scenario. The good news is that efforts are layered and can be implemented incrementally. Risk reduction is gained at each step. Improve your peace of mind and learn more about the benefits of implementing Zero Trust on your mainframe.
Mary Ann Furno, security and compliance offering manager at Broadcom, leads portfolio-level strategy to evolve the Broadcom Mainframe Security solutions to meet changing market needs and customer requirements. Mary Ann has worked in the enterprise software industry for nearly 20 years in engineering and product management and brings a business voice to a technical topic.
Chip Mason, mainframe security product manager at Broadcom, has over 20 years of experience in the software industry. Chip leads strategy and product definition for the Broadcom Mainframe Security Suite. In this capacity, Chip guides product development and integration to deliver valuable security solutions, as well as serves as a subject-matter expert assisting customers to ensure security and compliance. Chip has experience across many areas of enterprise IT, including security management, software development, service management, and event management. Chip is certified in Scaled Agile Framework and ITIL.